OneDrive Phishing Scam Tricks Users into Running Malicious PowerShell Script

Cybersecurity researchers are warning about a new phishing campaign that targets Microsoft OneDrive users with the aim of executing a malicious PowerShell script. "This campaign heavily relies on social engineering tactics to deceive users into executing a PowerShell script, thereby compromising...

Zivver: Cross-Site Scripting thorough XSSJacking/PasteJacking Technique

The documentation website you found is a static website and the only way to inject the payload is by pasting it in the search box. There is no way to compose a url that you can send to someone else that would then also trigger the attack. Even with a successful attack, there is no user data on th...

PasteJacker - Add PasteJacking To Web-Delivery Attacks

The main purpose of the tool is automating PasteJacking/Clipboard poisoning/whatever you name it attack with collecting all the known tricks used in this attack in one place and one automated job as after searching I found there's no tool doing this job the right way. Now while this attack depend...